REMARKS

In response to the Office Action mailed December 29, 2006, Applicants respectfully 
request reconsideration. Claims 1-37 were previously pending in this application. By this 
amendment, claims 1, 6, 18, 19, 21-25, and 33 have been amended. A second claim inadvertently
numbered as 33 and claims 34-36 have been canceled.¹ New claims that include the subject
matter of the canceled claims 37-39 have been added. As a result, claims 1-33 and 37-39 are 
pending for examination with claims 1, 19, 21 and 37 being independent. No new matter has 
been added. 

Objections to the Specification 
The Office Action objected to claims 34-37 because two claims were previously 
numbered as 33 with the following claims erroneously numbered. Applicants have canceled the 
second claim 33 and claims 34-36 and have added new claims 37-39, wherein claim 37 
corresponds to amended former second claim 33, claim 38 corresponds to former claim 34, and 
claim 39 corresponds to former claim 36. The subject matter of former claim 35 has been 
incorporated into a new independent claim 37, as discussed below. 

Accordingly, withdrawal of the objection is respectfully requested. 

Objections to the Claims 

The Office Action objected to claim 6 as containing a typo and to claim 21 as lacking an 
antecedent basis in the language of the claim. Applicants have amended claims 6 and 21 to 
address the Examiner's concerns. 

Accordingly, withdrawal of these objections is respectfully requested. 

¹ As objected to in the Office Action, two claims were previously numbered as 33. By this amendment, a second
claim 33 and claims 34-36 have been canceled.

Rejections under 35 U.S.C. §101
The Office Action rejected claims 18 and 33 under 35 U.S.C. 101 as allegedly directed to
non-statutory subject matter. Without acceding to the appropriateness of the rejection,
Applicants have amended claims 18 and 33 to comply with claim language requirements of
MPEP § 2106.01 (I), which states that "a claimed computer-readable medium encoded with a
computer program is a computer element which defines structural and functional
interrelationships between the computer program and the rest of the computer which permit the
computer program's functionality to be realized, and is thus statutory."

Applicants believe that claims 18 and 30 are directed to statutory subject matter. 

Accordingly, withdrawal of these rejections is respectfully requested. 

Rejections under 35 U.S.C. §112 
The Office Action rejected claim 19 under 35 U.S.C. 112, second paragraph, as being 
indefinite. Applicants have amended claim 19 to overcome the rejection. 
Accordingly, withdrawal of this rejection is respectfully requested. 

Rejections Under 35 U.S.C. §102 
The Office Action rejected claims 1-3, 12-15, 18-26, 30 and 33-35 under 35 U.S.C. 
102(e) as being anticipated by Malcolm, US Patent 7,146,638. Applicants respectfully traverse 
the rejection. 



I. Independent Claim 1 
Claim 1, as amended, recites 

A computer-implemented method, comprising: 

receiving a call from an application via a first application programming 
interface, the call having parameters for a connection to an endpoint that the 
application desires to establish; 

receiving from the application via the first application programming 
interface a request to establish the connection; 

providing the application with an indication indicating that the request is 
supported; and 

making a call via a second application programming interface to a 
firewall to establish the connection in accordance with the parameters. 
(Emphasis added). 

Malcolm is directed to controlling by a firewall program whether an application program 
is granted access to a wide area network (WAN), such as the Internet (Abstract). The firewall 
receives the at least one access request definition from the application program during startup of 
the application program or immediately prior to the intercepted access request (col. 4, lines 20-25).
The firewall then prompts a user to approve or deny the intercepted access request
accompanied by the justification statement from the identified access request definition 
explaining why the application program needs to access the wide area network (col. 5, lines 65- 
57 - col. 6, lines 1-5). The firewall communicates the justification statement through a dialogue 
box or other suitable communications interface to inform the user about the type and purpose of 
the requested Internet access (col. 6, lines 21-24). After informing the user about the access 
request, the firewall receives a user response indicating approval or denial of the intercepted 
access request (col. 4, lines 38-40). 

Malcolm neither teaches nor suggests "a computer-implemented method, comprising:
receiving a call from an application via a first application programming interface, the call having
parameters for a connection to an endpoint that the application desires to establish; receiving
from the application via the first application programming interface a request to establish the
connection; providing the application with an indication indicating that the request is supported;
and making a call via a second application programming interface to a firewall to establish the
connection in accordance with the parameters," as recited in claim 1.

In view of the foregoing, claim 1 patentably distinguishes over Malcolm. 

Claims 2-18 depend from claim 1 and are allowable for at least the same reasons. 

Accordingly, withdrawal of the rejection of claims 1-18 is respectfully requested. 

II. Independent Claim 19 

Claim 19, as amended, recites 

A computer system comprising: 
an operating system; 

an enforcement module associated with the operating system and called 
via the application programming interface and configured and adapted to: 

receive an indication from the application that the application 
desires to establish the connection; and 

make a call to a firewall to establish the connection in accordance 
with the parameters. 

(Emphasis added). 

Malcolm discusses an exemplary computer upon which the firewall method or protocol 
for controlling access or communication between an application program and a wide area 
network may be implemented (col. 4, lines 3-5; Fig. 1). The computer comprises a system unit 
11 including a system bus or plurality of busses 21, a keyboard 12, a mouse 13 and a display 14.
The microprocessor 22 is connected to the system bus 21 and is supported by read only memory 
(ROM) 23 and random access memory (RAM) 24, also connected to the system bus 21 (col. 8, 
lines 21-30). An operating system 58, firewall program 56, and application programs 50, 52, 54 
are resident in the random access memory 24 when loaded from the hard disk 26 for use (col. 8, 
lines 62-64). 

Malcolm neither teaches nor suggests "a computer system comprising: ... an enforcement 
module associated with the operating system and called via the application programming 
interface and configured and adapted to: receive an indication from the application that the 
application desires to establish the connection; and make a call to a firewall to establish the 
connection in accordance with the parameters," as recited in claim 19. 

In view of the foregoing, claim 19 patentably distinguishes over Malcolm. 

Claim 20 depends from claim 19 and is allowable for at least the same reasons. 

Accordingly, withdrawal of the rejection of claims 19 and 20 is respectfully requested. 



III. Independent Claim 21 
Claim 21, as amended, recites 

A computer-implemented method, comprising: 

receiving a connect attempt, a listen attempt, or a combination thereof 
from an application or a service; 

extracting user and application or service information from the connect 
attempt, the listen attempt, or the combination thereof; 

identifying a user and the application or the service from the user and 
application or service information; 

determining if the connect attempt, the listen attempt, or the combination 
thereof need to match a policy; 

if the connect attempt, the listen attempt, or the combination thereof need 
to match the policy, establishing, via an application programming interface, the 
policy and adding the policy to a plurality of policies; 

evaluating the application or service information to determine if the 
connect attempt, the listen attempt, or the combination thereof comply with one or 
more policies from the plurality of policies; and 

if the connect attempt, the listen attempt, or the combination thereof 
comply with one or more policies from the plurality of policies, configuring a 
firewall to allow the connect attempt, the listen attempt, or the combination 
thereof. 

(Emphasis added).

As discussed above, Malcolm neither teaches nor suggests "a computer-implemented
method, comprising: receiving a connect attempt, a listen attempt, or a combination thereof from 
an application or a service; extracting user and application or service information from the 
connect attempt, the listen attempt, or the combination thereof; identifying a user and the 
application or the service from the user and application or service information; determining if the 
connect attempt, the listen attempt, or the combination thereof need to match a policy; if the 
connect attempt, the listen attempt, or the combination thereof need to match the policy, 
establishing, via an application programming interface, the policy and adding the policy to a 
plurality of policies; evaluating the application or service information to determine if the connect 
attempt, the listen attempt, or the combination thereof comply with one or more policies from the 
plurality of policies; and if the connect attempt, the listen attempt, or the combination thereof 
comply with one or more policies from the plurality of policies, configuring a firewall to allow 
the connect attempt, the listen attempt, or the combination thereof," as recited in claim 21. 

In view of the foregoing, claim 21 patentably distinguishes over Malcolm. 

Claims 22-33² depend from claim 21 and are allowable for at least the same reasons.

Accordingly, withdrawal of the rejection of claims 21-33 is respectfully requested. 



New Claims 

New independent claim 37 recites 

A computer system, comprising: 
a firewall; and 

an interception module including an application programming interface 
and configured and adapted to: 

intercept a request for a connect attempt, a listen attempt, or a 
combination thereof from an application or a service; 

extract user and application or service information from the 
connect attempt, the listen attempt, or the combination thereof; 

identify a user and the application or the service from the user and 
application or service information; 

determine if the connect attempt, the listen attempt, or the 
combination thereof need to match a policy; 

if the connect attempt, the listen attempt, or the combination 
thereof need to match the policy, establish, via the application programming 
interface, the policy and add the policy to a plurality of policies;

evaluate the application or service information to determine if the
connect attempt, the listen attempt, or the combination thereof comply with one or
more policies from the plurality of policies; and

if the connect attempt, the listen attempt, or the combination
thereof comply with one or more policies from the plurality of policies, instruct
the firewall to create a configuration to allow the connect attempt, the listen
attempt, or the combination thereof.
(Emphasis added).

² As discussed above, two claims were previously numbered as 33. The first claim numbered as 33 depends from
claim 21. By this amendment, Applicants have canceled the second claim numbered as 33.

As discussed above, Malcolm neither teaches nor suggests "a computer system, 
comprising ... an interception module including an application programming interface and 
configured and adapted to: intercept a request for a connect attempt, a listen attempt, or a 
combination thereof from an application or a service; extract user and application or service 
information from the connect attempt, the listen attempt, or the combination thereof; identify a 
user and the application or the service from the user and application or service information; 
determine if the connect attempt, the listen attempt, or the combination thereof need to match a 
policy; if the connect attempt, the listen attempt, or the combination thereof need to match the 
policy, establish, via the application programming interface, the policy and add the policy to a 
plurality of policies; evaluate the application or service information to determine if the connect 
attempt, the listen attempt, or the combination thereof comply with one or more policies from the 
plurality of policies; and if the connect attempt, the listen attempt, or the combination thereof 
comply with one or more policies from the plurality of policies, instruct the firewall to create a 
configuration to allow the connect attempt, the listen attempt, or the combination thereof," as 
recited in claim 37. 

In view of the foregoing, claim 37 is allowable. 

New claims 38-39 depend from claim 37 and are allowable for at least the same reasons.

CONCLUSION



A Notice of Allowance is respectfully requested. The Examiner is requested to call the 
undersigned at the telephone number listed below if this communication does not place the case 
in condition for allowance. 

If this response is not considered timely filed and if a request for an extension of time is 
otherwise absent, Applicants hereby request any necessary extension of time. If there is a fee 
occasioned by this response, including an extension fee, that is not covered by an enclosed 
check, please charge any deficiency to Deposit Account No. 23/2825. 

Dated: March 29, 2007 Respectfully submitted, 




James H. Morris, Reg. No. 34,681
Wolf, Greenfield & Sacks, P.C.
600 Atlantic Avenue 
Boston, Massachusetts 02210-2206 
Telephone: (617) 646-8000 